CentOS - Sep 2014 - MariaDB repository

My C7 system has mariadb 5.5.37, installed from the Centos repository.
The latest version (with a security update is 5.5.39).  Mariadb.org has
its own repositories, but they don't list Centos 7 as an option. Is
anyone using the repository for Centos 6 with Centos 7?

See
https://downloads.mariadb.org/mariadb/repositories/#mirror=jmu&distro=CentOS&distro_release=centos6-amd64&version=5.5


-- 
-- Steve

On 09/10/2014 09:58 AM, Steven Stern wrote:
> My C7 system has mariadb 5.5.37, installed from the Centos repository.
> The latest version (with a security update is 5.5.39).  Mariadb.org has
> its own repositories, but they don't list Centos 7 as an option. Is
> anyone using the repository for Centos 6 with Centos 7?
> 
> See
>
https://downloads.mariadb.org/mariadb/repositories/#mirror=jmu&distro=CentOS&distro_release=centos6-amd64&version=5.5
> 
> 
Red Hat does backporting for updates, and CentOS rebuilds that
backported code.

If you look at the security issues you are talking about in mariadb 5.5,
you will see that they are ROLLED IN already:

https://rhn.redhat.com/errata/RHSA-2014-0702.html

But backported in the current version.

(The list of CVE's patched is on that page)

If you have other questions about backporting, read this:

https://access.redhat.com/security/updates/backporting

So the short message is, if you want to know if a CVE fix is included,
you can see on the errata page or here:

https://access.redhat.com/security/cve/

All the CentOS announcements are here:

http://lists.centos.org/pipermail/centos-announce/

Thanks,
Johnny Hughes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL:
<http://lists.centos.org/pipermail/centos/attachments/20140910/c644a6dd/attachment-0004.sig>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/10/2014 10:29 AM, Johnny Hughes wrote:
> On 09/10/2014 09:58 AM, Steven Stern wrote:
>> My C7 system has mariadb 5.5.37, installed from the Centos
>> repository. The latest version (with a security update is
>> 5.5.39).  Mariadb.org has its own repositories, but they don't
>> list Centos 7 as an option. Is anyone using the repository for
>> Centos 6 with Centos 7?
>> 
>> See 
>>
https://downloads.mariadb.org/mariadb/repositories/#mirror=jmu&distro=CentOS&distro_release=centos6-amd64&version=5.5
>>
>>
>
>> 
> Red Hat does backporting for updates, and CentOS rebuilds that 
> backported code.
> 
> If you look at the security issues you are talking about in mariadb
> 5.5, you will see that they are ROLLED IN already:
> 
> https://rhn.redhat.com/errata/RHSA-2014-0702.html
> 
> But backported in the current version.
> 
> (The list of CVE's patched is on that page)
> 
> If you have other questions about backporting, read this:
> 
> https://access.redhat.com/security/updates/backporting
> 
> So the short message is, if you want to know if a CVE fix is
> included, you can see on the errata page or here:
> 
> https://access.redhat.com/security/cve/
> 
> All the CentOS announcements are here:
> 
> http://lists.centos.org/pipermail/centos-announce/
> 
> Thanks, Johnny Hughes
Thanks for the excellent (and reassuring) response.


- -- 
- -- Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJUEG9UAAoJEDx7wfUw/4IOZtUH+wZnu7PKPP+13cb0YmR4h/qH
O92AOXHevbhtj8FogW7puwLLeyW7ud64d+WctgXXkctkXEEbIakigFmBGryXfHiy
FrPquQxKutZTWQ6UYwvhd4huFKv3PrBrmwjzOrcD1yA8N58tUw+yWdsd8hKvxp+I
oNhxllHQdU9G1Wb9oGtbYIcQL1hhCkLj5Oh6e3ExVwVLXVcPb+/WMuZRp8yP/cAy
DVa1wTM0oolexY+ZMAVNmGQxvx8nL9xEoXDTkQ6F2b9WXo7Dh+7W2TvTWwT+88Fj
6IBduDMuT8IOLduw9upeFodh27L/VY/LFX85HvpGIPFfxVZ2BEfjgJuCkyHKr84=JO4x
-----END PGP SIGNATURE-----